Changeset 116842 in webkit
- Timestamp:
- May 12, 2012 1:31:30 AM (12 years ago)
- Location:
- trunk/Source/WebCore
- Files:
-
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r116840 r116842 1 2012-05-12 Mike West <mkwst@chromium.org> 2 3 Cleanup ContentSecurityPolicy naming conventions. 4 https://bugs.webkit.org/show_bug.cgi?id=86282 5 6 Reviewed by Adam Barth. 7 8 Two tiny changes: 9 10 1. `reportURI` and `reportURL` are both used within the CSP 11 implementation. We should standardize on `reportURI` to match the 12 spec. 13 14 2. Renames `ContentSecurityPolicy::allowConnectFromSource` to 15 `ContentSecurityPolicy::allowConnectToSource` for clarity. 16 17 No new tests, as there's no user-visible change. 18 19 * Modules/websockets/WebSocket.cpp: 20 (WebCore::WebSocket::connect): 21 * page/ContentSecurityPolicy.cpp: 22 (CSPDirectiveList): 23 (WebCore::CSPDirectiveList::reportViolation): 24 (WebCore::CSPDirectiveList::allowConnectToSource): 25 (WebCore::CSPDirectiveList::parseReportURI): 26 (WebCore::CSPDirectiveList::addDirective): 27 (WebCore::ContentSecurityPolicy::allowConnectToSource): 28 * page/ContentSecurityPolicy.h: 29 * page/EventSource.cpp: 30 (WebCore::EventSource::create): 31 * xml/XMLHttpRequest.cpp: 32 (WebCore::XMLHttpRequest::open): 33 1 34 2012-05-11 Mark Pilgrim <pilgrim@chromium.org> 2 35 -
trunk/Source/WebCore/Modules/websockets/WebSocket.cpp
r112499 r116842 222 222 } 223 223 224 if (!scriptExecutionContext()->contentSecurityPolicy()->allowConnect FromSource(m_url)) {224 if (!scriptExecutionContext()->contentSecurityPolicy()->allowConnectToSource(m_url)) { 225 225 m_state = CLOSED; 226 226 -
trunk/Source/WebCore/page/ContentSecurityPolicy.cpp
r116274 r116842 504 504 bool allowFontFromSource(const KURL&) const; 505 505 bool allowMediaFromSource(const KURL&) const; 506 bool allowConnect FromSource(const KURL&) const;506 bool allowConnectToSource(const KURL&) const; 507 507 508 508 private: … … 545 545 OwnPtr<CSPDirective> m_connectSrc; 546 546 547 Vector<KURL> m_reportUR Ls;547 Vector<KURL> m_reportURIs; 548 548 }; 549 549 … … 581 581 m_scriptExecutionContext->addConsoleMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, message); 582 582 583 if (m_reportUR Ls.isEmpty())583 if (m_reportURIs.isEmpty()) 584 584 return; 585 585 … … 619 619 RefPtr<FormData> report = FormData::create(reportObject->toJSONString().utf8()); 620 620 621 for (size_t i = 0; i < m_reportUR Ls.size(); ++i)622 PingLoader::reportContentSecurityPolicyViolation(frame, m_reportUR Ls[i], report);621 for (size_t i = 0; i < m_reportURIs.size(); ++i) 622 PingLoader::reportContentSecurityPolicyViolation(frame, m_reportURIs[i], report); 623 623 } 624 624 … … 739 739 } 740 740 741 bool CSPDirectiveList::allowConnect FromSource(const KURL& url) const741 bool CSPDirectiveList::allowConnectToSource(const KURL& url) const 742 742 { 743 743 DEFINE_STATIC_LOCAL(String, type, ("connect")); … … 827 827 if (urlBegin < position) { 828 828 String url = String(urlBegin, position - urlBegin); 829 m_reportUR Ls.append(m_scriptExecutionContext->completeURL(url));829 m_reportURIs.append(m_scriptExecutionContext->completeURL(url)); 830 830 } 831 831 } … … 880 880 else if (!m_haveSandboxPolicy && equalIgnoringCase(name, sandbox)) 881 881 applySandboxPolicy(value); 882 else if (m_reportUR Ls.isEmpty() && equalIgnoringCase(name, reportURI))882 else if (m_reportURIs.isEmpty() && equalIgnoringCase(name, reportURI)) 883 883 parseReportURI(value); 884 884 else … … 1005 1005 } 1006 1006 1007 bool ContentSecurityPolicy::allowConnect FromSource(const KURL& url) const1008 { 1009 return isAllowedByAll<&CSPDirectiveList::allowConnect FromSource>(m_policies, url);1010 } 1011 1012 } 1007 bool ContentSecurityPolicy::allowConnectToSource(const KURL& url) const 1008 { 1009 return isAllowedByAll<&CSPDirectiveList::allowConnectToSource>(m_policies, url); 1010 } 1011 1012 } -
trunk/Source/WebCore/page/ContentSecurityPolicy.h
r116254 r116842 75 75 bool allowFontFromSource(const KURL&) const; 76 76 bool allowMediaFromSource(const KURL&) const; 77 bool allowConnect FromSource(const KURL&) const;77 bool allowConnectToSource(const KURL&) const; 78 78 79 79 void setOverrideAllowInlineStyle(bool); -
trunk/Source/WebCore/page/EventSource.cpp
r107239 r116842 89 89 } 90 90 91 if (!context->contentSecurityPolicy()->allowConnect FromSource(fullURL)) {91 if (!context->contentSecurityPolicy()->allowConnectToSource(fullURL)) { 92 92 // FIXME: Should this be throwing an exception? 93 93 ec = SECURITY_ERR; -
trunk/Source/WebCore/xml/XMLHttpRequest.cpp
r112555 r116842 479 479 } 480 480 481 if (!scriptExecutionContext()->contentSecurityPolicy()->allowConnect FromSource(url)) {481 if (!scriptExecutionContext()->contentSecurityPolicy()->allowConnectToSource(url)) { 482 482 // FIXME: Should this be throwing an exception? 483 483 ec = SECURITY_ERR;
Note: See TracChangeset
for help on using the changeset viewer.